<?php
/**
 * Application level Controller
 *
 * This file is application-wide controller file. You can put all
 * application-wide controller-related methods here.
 *
 * PHP 5
 *
 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 *
 * Licensed under The MIT License
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 * @link          http://cakephp.org CakePHP(tm) Project
 * @package       app.Controller
 * @since         CakePHP(tm) v 0.2.9
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */

App::uses('Controller', 'Controller');

/**
 * Application Controller
 *
 * Add your application-wide methods in the class below, your controllers
 * will inherit them.
 *
 * @package       app.Controller
 * @link http://book.cakephp.org/2.0/en/controllers.html#the-app-controller
 */
class AppController extends Controller {

	
	public $components = array(
		'Session',
		'Auth' => array(
			'loginRedirect' => array('controller' => 'Pages', 'action' => 'index'),
			'logoutRedirect' => array('controller' => 'Users', 'action' => 'login'),
			'authorize' => array('Controller') // Added this line
		)
	);

    public function beforeFilter() {
	
		if(isset($this->params['admin'])) {
			// check the admin is logged in
			// this method is in the app_controller.php file
			//$this->checkAdminSession();
			$this->checkSession();
		}
		
        $this->Auth->allow('index', 'view','login');
    }
	
	public function isAuthorized($user) {
    // Admin can access every action
    if (isset($user['role']) && $user['role'] === 'admin') {
        return true;
    }
    // Default deny
    return false;
	}
	
	function checkSession() {
        
		if (!$this->Session->check('User')) {
			// set flash message and redirect
			$this->Session->setFlash('You need to be logged in to access this area');
			$this->redirect($this->Auth->redirect());
			exit();
		}
    }
}
